UNPKG

@microsoft/windows-admin-center-sdk

Version:

Microsoft - Windows Admin Center Shell

850 lines (847 loc) 44.5 kB
import { map } from 'rxjs/operators'; import { LogLevel } from '../diagnostics/log-level'; import { Logging } from '../diagnostics/logging'; import { EnvironmentModule } from '../manifest/environment-modules'; import { HttpMethod } from './http'; import { headerConstants } from './http-constants'; import { Net } from './net'; /** * The Batch Connection class for creating requests and calling the Gateway's Http API */ export class BatchConnection { gateway; authorizationManager; moduleName = null; /** * Initializes a new instance of the BatchConnection class. * * @param gateway the gateway Connection * @param authorizationManager the authorization manager. */ constructor(gateway, authorizationManager) { this.gateway = gateway; this.authorizationManager = authorizationManager; } /** * Makes a batch call to the gateway api, by using provided methods for each node. * * Auth handling: createBody() handles the Auth for individual calls in the batch. It gets the needed tokens * for each node and adds to the batch body, along with rest of node call. * See authorizationManager.addAuthorizationTokensToMultiPartBody() for details. * For the outer batch call, we use the auth token from the first node in list. * @param nodesList : list of nodes we will be running the batch against. * @param relativeUrlList : list of relative Urls of nodes after "/api/nodes/<nodeName>/" * @param bodyCommandList : list of body commands, that will be present in body of a typical Post call. * This is essentially a json request that we keep as a string to put it in the body. * Ex: { * "properties": { * "command": "##GetVirtualMachines##\n\nSet-StrictMode -Version 5.0\nget-vm | Select-Object name, id, CPUUsage" * } * } * * @param methodsList : list of Http methods, with each item corresponding to the node in nodeList and relativeUrl in relativeUrlList. * @param request : optional request Properties. */ mixed(nodesList, relativeUrlList, bodyCommandList, methodsList, request) { const batchCallRelativeUrl = Net.updateApiVersion20190201(Net.batch); const boundary = MsftSme.newGuid(); const guidsList = this.generateGuidsList(nodesList.length); const guidsToRequestCtxMap = this.generateGuidToRequestContextMap(nodesList, guidsList); // populate request properties. request = this.createBatchRequest(request || {}); // populate batch request headers. this.setRequestHeaders(request, boundary); // Create batch command body. const body = this.createBody(nodesList, relativeUrlList, guidsList, methodsList, boundary, bodyCommandList, request); return this.gateway.post(batchCallRelativeUrl, body, request) .pipe(map((responseData) => { const parsedResponse = this.parseMultiPartResponse(responseData, guidsToRequestCtxMap); return parsedResponse; })); } /** * Makes a batch POST calls to the gateway api * * Auth handling: createBody() handles the Auth for individual calls in the batch. It gets the needed tokens * for each node and adds to the batch body, along with rest of node call. * See authorizationManager.addAuthorizationTokensToMultiPartBody() for details. * For the outer batch call, we use the auth token from the first node in list. * @param nodesList : list of nodes we will be running the batch against. * @param relativeUrlList : list of relative urls after "/api/nodes/<nodeName>/", for each node. * @param bodyCommandList : list of body commands, that will be present in body of a typical Post call. * @param request : optional request Properties. */ post(nodesList, relativeUrlList, bodyCommandList, request) { const batchCallRelativeUrl = Net.updateApiVersion20190201(Net.batch); const boundary = MsftSme.newGuid(); const guidsList = this.generateGuidsList(nodesList.length); const guidsToRequestCtxMap = this.generateGuidToRequestContextMap(nodesList, guidsList); // populate request properties. request = this.createBatchRequest(request || {}); // populate batch request headers. this.setRequestHeaders(request, boundary); // Create batch command body. const body = this.createBodySingleMethod(nodesList, relativeUrlList, guidsList, HttpMethod.Post, boundary, bodyCommandList, request); return this.gateway.post(batchCallRelativeUrl, body, request) .pipe(map((responseData) => { const parsedResponse = this.parseMultiPartResponse(responseData, guidsToRequestCtxMap); return parsedResponse; })); } /** * Makes a batch GET call to the gateway api * * @param nodeList: the list of names of the node to call the API for. * @param relativeUrlList: the list of relative Url after "/api/nodes/<nodeName>/" * @param request: the batch request object. */ get(nodesList, relativeUrlList, request) { const batchCallRelativeUrl = Net.updateApiVersion20190201(Net.batch); const boundary = MsftSme.newGuid(); const guidsList = this.generateGuidsList(nodesList.length); const guidsToRequestCtxMap = this.generateGuidToRequestContextMap(nodesList, guidsList); // populate request properties. request = this.createBatchRequest(request || {}); // populate batch request headers. this.setRequestHeaders(request, boundary); // Create batch command body. const body = this.createBodySingleMethod(nodesList, relativeUrlList, guidsList, HttpMethod.Get, boundary, null, request); return this.gateway.post(batchCallRelativeUrl, body, request) .pipe(map((responseData) => { const parsedResponse = this.parseMultiPartResponse(responseData, guidsToRequestCtxMap); return parsedResponse; })); } /** * Makes a batch PUT call to the gateway api * * @param nodesList : list of nodes we will be running the batch against. * @param relativeUrlList : list of relative Urls of nodes after "/api/nodes/<nodeName>/" * @param bodyCommandList : list of body commands, that will be present in body of a typical Post call. * This is essentially a json request that we keep as a string to put it in the body. * Ex: { * "properties": { * "command": "##GetVirtualMachines##\n\nSet-StrictMode -Version 5.0\nget-vm | Select-Object name, id, CPUUsage" * } * } * * @param request : optional request Properties. */ put(nodesList, relativeUrlList, bodyCommandList, request) { const batchCallRelativeUrl = Net.updateApiVersion20190201(Net.batch); const boundary = MsftSme.newGuid(); const guidsList = this.generateGuidsList(nodesList.length); const guidsToRequestCtxMap = this.generateGuidToRequestContextMap(nodesList, guidsList); // populate request properties. request = this.createBatchRequest(request || {}); // populate batch request headers. this.setRequestHeaders(request, boundary); // Create batch command body. const body = this.createBodySingleMethod(nodesList, relativeUrlList, guidsList, HttpMethod.Put, boundary, bodyCommandList, request); return this.gateway.post(batchCallRelativeUrl, body, request) .pipe(map((responseData) => { const parsedResponse = this.parseMultiPartResponse(responseData, guidsToRequestCtxMap); return parsedResponse; })); } /** * Makes a batch DELETE call to the gateway api * * @param nodeList: the list of names of the nodes to call the API for. * @param relativeUrlList: the list of relative Urls of nodes after "/api/nodes/<nodeName>/" * @param request: the batch request object. */ delete(nodesList, relativeUrlList, request) { const batchCallRelativeUrl = Net.updateApiVersion20190201(Net.batch); const boundary = MsftSme.newGuid(); const guidsList = this.generateGuidsList(nodesList.length); const guidsToRequestCtxMap = this.generateGuidToRequestContextMap(nodesList, guidsList); // populate request properties. request = this.createBatchRequest(request || {}); // populate batch request headers. this.setRequestHeaders(request, boundary); // Create batch command body. const body = this.createBodySingleMethod(nodesList, relativeUrlList, guidsList, HttpMethod.Delete, boundary, null, request); return this.gateway.post(batchCallRelativeUrl, body, request) .pipe(map((responseData) => { const parsedResponse = this.parseMultiPartResponse(responseData, guidsToRequestCtxMap); return parsedResponse; })); } /** * Adds default parameters to Batch Request. For the outside batch call, we just use the Auth for first node in batch request. * No need to append any tokens for hitting Gateway, as browser handles that. For the nodes being managed, * the tokens are already part of body. * * @param request The batch request object. */ createBatchRequest(request) { if (!request.noAuth) { // Add Node specific authorization handlers request.retryHandlers = (request.retryHandlers || []).concat([{ canHandle: (code, error) => this.authorizationManager.canHandleAjaxFailure(code, error), handle: (code, originalRequest, error) => this.authorizationManager.handleAjaxFailure(code, originalRequest, error) }]); } return request; } /** * Set the request headers for the batch call. * @param request : batch request object. * @param boundary : boundary string used to separate multi part request. */ setRequestHeaders(request, boundary) { // Set Batch request headers. const batchRequest = request; batchRequest.headers = batchRequest.headers || {}; batchRequest.headers[headerConstants.ACCEPT] = 'multipart/mixed'; batchRequest.headers[headerConstants.CONTENT_TYPE] = 'multipart/mixed; boundary={0}'.format(boundary); batchRequest.responseType = 'text'; } /** * Creates http multi-part request body, with each individual request being different Http request type. * * @param nodesList The list of target nodes. * @param relativeUrlList The relative url corresponding to each node * @param requestIdsList The guids list to be used for batch request, corresponding to each node. * @param methodList The Http method list, corresponding to each relative url in relativeUrlList. * @param boundary The boundary string to be used in multipart call * @param commandList The list of command body for each node. * @param request : optional node request options. */ createBody(nodesList, relativeUrlList, requestIdsList, methodList, boundary, commandList, request) { const host = this.gateway.gatewayUrl.replace('http://', '').replace('https://', ''); const body = []; for (let index = 0; index < nodesList.length; index++) { const nodeName = nodesList[index]; const relativeUrl = relativeUrlList[index]; const method = methodList[index]; const requestId = requestIdsList[index]; if (commandList && commandList.length === nodesList.length) { this.createAndAddSinglePart(nodeName, relativeUrl, body, host, method, boundary, requestId, commandList[index], request); } else { this.createAndAddSinglePart(nodeName, relativeUrl, body, host, method, boundary, requestId, null, request); } } body.push('--' + boundary + '--'); return body.join('\r\n'); } /** * Creates http multi-part request body using same Http method for all parts. * * @param nodesList The list of target nodes. * @param relativeUrlList The relative url corresponding to each node * @param requestIdsList The guids list to be used for batch request, corresponding to each node. * @param method The Http method to be used for the call. * @param boundary The boundary string to be used in multipart call. * @param commandList The list of command body for each node. * @param request : optional node request options. */ createBodySingleMethod(nodesList, relativeUrlList, requestIdsList, method, boundary, commandList, request) { const host = this.gateway.gatewayUrl.replace('http://', '').replace('https://', ''); const body = []; for (let index = 0; index < nodesList.length; index++) { const nodeName = nodesList[index]; const relativeUrl = relativeUrlList[index]; const requestId = requestIdsList[index]; if (commandList && commandList.length === nodesList.length) { this.createAndAddSinglePart(nodeName, relativeUrl, body, host, method, boundary, requestId, commandList[index], request); } else { this.createAndAddSinglePart(nodeName, relativeUrl, body, host, method, boundary, requestId, null, request); } } body.push('--' + boundary + '--'); return body.join('\r\n'); } /** * Create the part for a single request and add it to to the multi-Part body. * * @param nodeName : node being targeted with the request. Used for Auth headers. * @param relativeUrl : the relative url of node for Delete request. * @param body : the HTTP request body to populate. * @param host : Host to run request against. * @param method The Http method to be used for the part. * @param boundary The boundary string to be used in multipart call. * @param requestId The request Id to be used for the part call. * @param commandBody : the command body to use for this part/node. * @param request : optional node request options. */ createAndAddSinglePart(nodeName, relativeUrl, body, host, method, boundary, requestId, commandBody, request) { body.push('--' + boundary); body.push(`${headerConstants.CONTENT_TYPE}: application/http; msgtype=request`); body.push('Content-Transfer-Encoding: binary\r\n'); if (method === HttpMethod.Get) { this.addGetCommand(nodeName, relativeUrl, body, host, requestId, request); } else if (method === HttpMethod.Put) { this.addPutCommand(nodeName, relativeUrl, body, host, requestId, commandBody, request); } else if (method === HttpMethod.Post) { this.addPostCommand(nodeName, relativeUrl, body, host, requestId, commandBody, request); } else if (method === HttpMethod.Delete) { this.addDeleteCommand(nodeName, relativeUrl, body, host, requestId, request); } else { throw new Error(MsftSme.getStrings().MsftSmeShell.Core.Error.BatchUnSupportedInvocation.message.format(method)); } } /** * Create a HTTP Delete request and add it to to the multi-Part body. * * @param nodeName : node being targeted with the request. Used for Auth headers. * @param relativeUrl : the relative url of node for Delete request. * @param body : the HTTP request body to populate with Delete command. * @param host : Host to run request against. * @param requestId The request Id to be used for the part call. * @param request : optional node request options. */ addDeleteCommand(nodeName, relativeUrl, body, host, requestId, request) { const multiPartItemUrl = this.getNodeUrl(relativeUrl, nodeName, HttpMethod.Delete); body.push(multiPartItemUrl); this.writeCommonSection(nodeName, body, host, requestId, request); body.push('\r\n'); } /** * Create a HTTP Get request and add it to to the multi-Part body. * * @param nodeName : node being targeted with the request. Used for Auth headers. * @param relativeUrl : the relative url of node for Get request. * @param body : the HTTP request body to populate with Get command. * @param host : Host to run request against. * @param requestId The request Id to be used for the part call. * @param request : optional node request options. */ addGetCommand(nodeName, relativeUrl, body, host, requestId, request) { const multiPartItemUrl = this.getNodeUrl(relativeUrl, nodeName, HttpMethod.Get); body.push(multiPartItemUrl); this.writeCommonSection(nodeName, body, host, requestId, request); body.push('\r\n'); } /** * Create a HTTP Post request and add it to to the multi-Part body. * * @param nodeName : node being targeted with the request. Used for Auth headers. * @param relativeUrl : the relative url of node for Post request. * @param body : the HTTP request body to populate with Post command. * @param host : Host to run request against. * @param requestId The request Id to be used for the part call. * @param data : optional data for the Post request. * @param request : optional node request options. */ addPostCommand(nodeName, relativeUrl, body, host, requestId, data, request) { const multiPartItemUrl = this.getNodeUrl(relativeUrl, nodeName, HttpMethod.Post); body.push(multiPartItemUrl); this.writeCommonSection(nodeName, body, host, requestId, request); body.push(`${headerConstants.CONTENT_TYPE}: application/json; charset=utf-8`); body.push(`${headerConstants.ACCEPT}: application/json, text/plain, */*`); body.push('\r\n'); body.push(data); } /** * Create a HTTP Put request and add it to to the multi-Part body. * * @param nodeName : node being targeted with the request. Used for Auth headers. * @param relativeUrl : the relative url of node for Put request. * @param body : the HTTP request body to populate with PUT command. * @param host : Host to run request against. * @param requestId The request Id to be used for the part call. * @param data : optional data for the Put request. * @param request : optional node request options. */ addPutCommand(nodeName, relativeUrl, body, host, requestId, data, request) { const multiPartItemUrl = this.getNodeUrl(relativeUrl, nodeName, HttpMethod.Put); body.push(multiPartItemUrl); this.writeCommonSection(nodeName, body, host, requestId, request); if (!data) { body.push('\r\n'); } else { body.push(`${headerConstants.CONTENT_TYPE}: application/json; charset=utf-8`); body.push(`${headerConstants.ACCEPT}: application/json, text/plain, */*`); body.push('\r\n'); body.push(data); } } /** * Write common session to body for all HTTP request types. * @param nodeName : node being targeted with the request. * @param body : The body string of the multi-part request being formed. * @param host : The host node(gateway node) for the batch call. * @param requestId The request Id to be used for the part call. * @param request : optional. The node request options. */ writeCommonSection(nodeName, body, host, requestId, request) { body.push('Host: ' + host); body.push('request-id: ' + requestId); body.push(headerConstants.MODULE_NAME + ': ' + EnvironmentModule.getModuleName()); body.push(headerConstants.MODULE_VERSION + ': ' + EnvironmentModule.getModuleVersion()); if (request) { if (request.logAudit === true || request.logAudit === false) { body.push(headerConstants.LOG_AUDIT + (request.logAudit ? ': true' : ': false')); } if (request.logTelemetry === true || request.logTelemetry === false) { body.push(headerConstants.LOG_TELEMETRY + (request.logTelemetry ? ': true' : ': false')); } const endpoint = this.authorizationManager.getJeaEndpoint(nodeName); if (request.powerShellEndpoint) { body.push(headerConstants.POWERSHELL_ENDPOINT + ': ' + request.powerShellEndpoint); } else if (endpoint) { body.push(headerConstants.POWERSHELL_ENDPOINT + ': ' + endpoint); } } this.authorizationManager.addAuthorizationTokensToMultiPartBody(body, nodeName, (request && request.authToken)); } /** * Creates a full Node url for multiPart call * Ex: PUT /api/nodes/<nodeName>/<relativeUrl> HTTP/1.1 * * @param relativeUrl the relative Url after "/nodes" * @param nodeName the name of the node to make a call against * @param actionName the Http call type: Put/Post/Delete/Get. */ getNodeUrl(relativeUrl, nodeName, actionName) { if (!relativeUrl.startsWith('/')) { relativeUrl = `/${relativeUrl}`; } const nodesUrl = Net.updateApiVersion20190201(`nodes/${nodeName}${relativeUrl}`); const fullRelativeUrl = Net.apiRoot.format(nodesUrl); return Net.multiPartCallBodyUrl.format(actionName, fullRelativeUrl); } /** * Creates a list of guids to be used as request-ids in batch request. * * @param count the count of guids to be produced * @return the array of generated guids */ generateGuidsList(count) { const guidsList = []; for (let index = 0; index < count; index++) { guidsList.push(MsftSme.newGuid()); } return guidsList; } /** * Creates a map of guids to NodeNames and sequence number, to be used to parse responses. * * @param orderedNodesList the list of Nodes to run batch against. * @param guidsList the list of guids to be used for requests. * @return the map of generated guids to BatchRequestContext */ generateGuidToRequestContextMap(orderedNodesList, guidsList) { if (orderedNodesList.length !== guidsList.length) { throw new Error(); } const guidToRequestCtxMap = {}; for (let index = 0; index < orderedNodesList.length; index++) { const sequenceNumber = index + 1; const nodeName = orderedNodesList[index]; guidToRequestCtxMap[guidsList[index]] = { sequenceNumber, nodeName }; } return guidToRequestCtxMap; } /** * Parses http response. * See http://stackoverflow.com/questions/21229418/how-to-process-parse-read-a-multipart-mixed-boundary-batch-response * for sample response. * @param responseData: multipart response as received from the Batch call. * @param guidToRequestCtxMap: the map of request-id guids to BatchRequestContext. */ parseMultiPartResponse(responseData, guidToRequestCtxMap) { // ToDo: Check if we can update Gateway connection to get handle of response header, so we can extract the boundary from there. // Try to get boundary string from the response. const indexBoundaryStart = responseData.indexOf('--'); const indexBoundaryEnd = responseData.indexOf('\r\n'); if (indexBoundaryStart < 0 || indexBoundaryEnd < 0 || indexBoundaryStart > indexBoundaryEnd) { Logging.log({ source: 'Batch PowerShell', level: LogLevel.Error, message: MsftSme.getStrings().MsftSmeShell.Core.Error.BatchResponseParsing.message .format(indexBoundaryStart, indexBoundaryEnd) }); return []; } const boundary = responseData.slice(indexBoundaryStart, indexBoundaryEnd); const items = responseData.split(boundary); const results = []; for (const item of items) { if (item === '' || item === '--\r\n') { continue; } const rows = item.split('\r\n'); let status; let data; let requestId; for (const row of rows) { if (row.startsWith('HTTP/')) { const values = row.split(' '); status = +values[1]; } else if (row.toLowerCase().startsWith('request-id')) { const values = row.split(' '); requestId = values[1]; if (!requestId) { Logging.log({ source: 'Batch PowerShell', level: LogLevel.Warning, message: `Couldn't parse request-id from the response: ${item}` }); } } else if (row.startsWith('{') && row.endsWith('}')) { try { // try parse only when we have a valid return code. if (!!status && status < 400) { data = JSON.parse(row); } else { // error response also JSON format mostly. data = row; if (typeof row === 'string') { try { data = JSON.parse(row); } catch { // ignore } } } } catch (exception) { // Log Exception on JSON parse fail. Logging.log({ source: 'Batch PowerShell', level: LogLevel.Error, message: exception.message }); // re throw. throw exception; } } } const response = { status: status, response: data }; const sequenceNumber = guidToRequestCtxMap[requestId]?.sequenceNumber; const nodeName = guidToRequestCtxMap[requestId]?.nodeName; results.push({ response, nodeName, sequenceNumber }); } return results; } } //# sourceMappingURL=batch-connection.js.map // SIG // Begin signature block // SIG // MIIoKAYJKoZIhvcNAQcCoIIoGTCCKBUCAQExDzANBglg // SIG // hkgBZQMEAgEFADB3BgorBgEEAYI3AgEEoGkwZzAyBgor // SIG // BgEEAYI3AgEeMCQCAQEEEBDgyQbOONQRoqMAEEvTUJAC // SIG // AQACAQACAQACAQACAQAwMTANBglghkgBZQMEAgEFAAQg // SIG // BTLgA3SjPqTrgXv5SD/c97aerkkly8wRueVpsapOZxag // SIG // gg12MIIF9DCCA9ygAwIBAgITMwAABARsdAb/VysncgAA // SIG // AAAEBDANBgkqhkiG9w0BAQsFADB+MQswCQYDVQQGEwJV // SIG // UzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMH // SIG // UmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBv // SIG // cmF0aW9uMSgwJgYDVQQDEx9NaWNyb3NvZnQgQ29kZSBT // SIG // aWduaW5nIFBDQSAyMDExMB4XDTI0MDkxMjIwMTExNFoX // SIG // DTI1MDkxMTIwMTExNFowdDELMAkGA1UEBhMCVVMxEzAR // SIG // BgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1v // SIG // bmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlv // SIG // bjEeMBwGA1UEAxMVTWljcm9zb2Z0IENvcnBvcmF0aW9u // SIG // MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA // SIG // tCg32mOdDA6rBBnZSMwxwXegqiDEUFlvQH9Sxww07hY3 // SIG // w7L52tJxLg0mCZjcszQddI6W4NJYb5E9QM319kyyE0l8 // SIG // EvA/pgcxgljDP8E6XIlgVf6W40ms286Cr0azaA1f7vaJ // SIG // jjNhGsMqOSSSXTZDNnfKs5ENG0bkXeB2q5hrp0qLsm/T // SIG // WO3oFjeROZVHN2tgETswHR3WKTm6QjnXgGNj+V6rSZJO // SIG // /WkTqc8NesAo3Up/KjMwgc0e67x9llZLxRyyMWUBE9co // SIG // T2+pUZqYAUDZ84nR1djnMY3PMDYiA84Gw5JpceeED38O // SIG // 0cEIvKdX8uG8oQa047+evMfDRr94MG9EWwIDAQABo4IB // SIG // czCCAW8wHwYDVR0lBBgwFgYKKwYBBAGCN0wIAQYIKwYB // SIG // BQUHAwMwHQYDVR0OBBYEFPIboTWxEw1PmVpZS+AzTDwo // SIG // oxFOMEUGA1UdEQQ+MDykOjA4MR4wHAYDVQQLExVNaWNy // SIG // b3NvZnQgQ29ycG9yYXRpb24xFjAUBgNVBAUTDTIzMDAx // SIG // Mis1MDI5MjMwHwYDVR0jBBgwFoAUSG5k5VAF04KqFzc3 // SIG // IrVtqMp1ApUwVAYDVR0fBE0wSzBJoEegRYZDaHR0cDov // SIG // L3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jcmwvTWlj // SIG // Q29kU2lnUENBMjAxMV8yMDExLTA3LTA4LmNybDBhBggr // SIG // BgEFBQcBAQRVMFMwUQYIKwYBBQUHMAKGRWh0dHA6Ly93 // SIG // d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvY2VydHMvTWlj // SIG // Q29kU2lnUENBMjAxMV8yMDExLTA3LTA4LmNydDAMBgNV // SIG // HRMBAf8EAjAAMA0GCSqGSIb3DQEBCwUAA4ICAQCI5g/S // SIG // KUFb3wdUHob6Qhnu0Hk0JCkO4925gzI8EqhS+K4umnvS // SIG // BU3acsJ+bJprUiMimA59/5x7WhJ9F9TQYy+aD9AYwMtb // SIG // KsQ/rst+QflfML+Rq8YTAyT/JdkIy7R/1IJUkyIS6srf // SIG // G1AKlX8n6YeAjjEb8MI07wobQp1F1wArgl2B1mpTqHND // SIG // lNqBjfpjySCScWjUHNbIwbDGxiFr93JoEh5AhJqzL+8m // SIG // onaXj7elfsjzIpPnl8NyH2eXjTojYC9a2c4EiX0571Ko // SIG // mhENF3RtR25A7/X7+gk6upuE8tyMy4sBkl2MUSF08U+E // SIG // 2LOVcR8trhYxV1lUi9CdgEU2CxODspdcFwxdT1+G8YNc // SIG // gzHyjx3BNSI4nOZcdSnStUpGhCXbaOIXfvtOSfQX/UwJ // SIG // oruhCugvTnub0Wna6CQiturglCOMyIy/6hu5rMFvqk9A // SIG // ltIJ0fSR5FwljW6PHHDJNbCWrZkaEgIn24M2mG1M/Ppb // SIG // /iF8uRhbgJi5zWxo2nAdyDBqWvpWxYIoee/3yIWpquVY // SIG // cYGhJp/1I1sq/nD4gBVrk1SKX7Do2xAMMO+cFETTNSJq // SIG // fTSSsntTtuBLKRB5mw5qglHKuzapDiiBuD1Zt4QwxA/1 // SIG // kKcyQ5L7uBayG78kxlVNNbyrIOFH3HYmdH0Pv1dIX/Mq // SIG // 7avQpAfIiLpOWwcbjzCCB3owggVioAMCAQICCmEOkNIA // SIG // AAAAAAMwDQYJKoZIhvcNAQELBQAwgYgxCzAJBgNVBAYT // SIG // AlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQH // SIG // EwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29y // SIG // cG9yYXRpb24xMjAwBgNVBAMTKU1pY3Jvc29mdCBSb290 // SIG // IENlcnRpZmljYXRlIEF1dGhvcml0eSAyMDExMB4XDTEx // SIG // MDcwODIwNTkwOVoXDTI2MDcwODIxMDkwOVowfjELMAkG // SIG // A1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAO // SIG // BgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29m // SIG // dCBDb3Jwb3JhdGlvbjEoMCYGA1UEAxMfTWljcm9zb2Z0 // SIG // IENvZGUgU2lnbmluZyBQQ0EgMjAxMTCCAiIwDQYJKoZI // SIG // hvcNAQEBBQADggIPADCCAgoCggIBAKvw+nIQHC6t2G6q // SIG // ghBNNLrytlghn0IbKmvpWlCquAY4GgRJun/DDB7dN2vG // SIG // EtgL8DjCmQawyDnVARQxQtOJDXlkh36UYCRsr55JnOlo // SIG // XtLfm1OyCizDr9mpK656Ca/XllnKYBoF6WZ26DJSJhIv // SIG // 56sIUM+zRLdd2MQuA3WraPPLbfM6XKEW9Ea64DhkrG5k // SIG // NXimoGMPLdNAk/jj3gcN1Vx5pUkp5w2+oBN3vpQ97/vj // SIG // K1oQH01WKKJ6cuASOrdJXtjt7UORg9l7snuGG9k+sYxd // SIG // 6IlPhBryoS9Z5JA7La4zWMW3Pv4y07MDPbGyr5I4ftKd // SIG // gCz1TlaRITUlwzluZH9TupwPrRkjhMv0ugOGjfdf8NBS // SIG // v4yUh7zAIXQlXxgotswnKDglmDlKNs98sZKuHCOnqWbs // SIG // YR9q4ShJnV+I4iVd0yFLPlLEtVc/JAPw0XpbL9Uj43Bd // SIG // D1FGd7P4AOG8rAKCX9vAFbO9G9RVS+c5oQ/pI0m8GLhE // SIG // fEXkwcNyeuBy5yTfv0aZxe/CHFfbg43sTUkwp6uO3+xb // SIG // n6/83bBm4sGXgXvt1u1L50kppxMopqd9Z4DmimJ4X7Iv // SIG // hNdXnFy/dygo8e1twyiPLI9AN0/B4YVEicQJTMXUpUMv // SIG // dJX3bvh4IFgsE11glZo+TzOE2rCIF96eTvSWsLxGoGyY // SIG // 0uDWiIwLAgMBAAGjggHtMIIB6TAQBgkrBgEEAYI3FQEE // SIG // AwIBADAdBgNVHQ4EFgQUSG5k5VAF04KqFzc3IrVtqMp1 // SIG // ApUwGQYJKwYBBAGCNxQCBAweCgBTAHUAYgBDAEEwCwYD // SIG // VR0PBAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0j // SIG // BBgwFoAUci06AjGQQ7kUBU7h6qfHMdEjiTQwWgYDVR0f // SIG // BFMwUTBPoE2gS4ZJaHR0cDovL2NybC5taWNyb3NvZnQu // SIG // Y29tL3BraS9jcmwvcHJvZHVjdHMvTWljUm9vQ2VyQXV0 // SIG // MjAxMV8yMDExXzAzXzIyLmNybDBeBggrBgEFBQcBAQRS // SIG // MFAwTgYIKwYBBQUHMAKGQmh0dHA6Ly93d3cubWljcm9z // SIG // b2Z0LmNvbS9wa2kvY2VydHMvTWljUm9vQ2VyQXV0MjAx // SIG // MV8yMDExXzAzXzIyLmNydDCBnwYDVR0gBIGXMIGUMIGR // SIG // BgkrBgEEAYI3LgMwgYMwPwYIKwYBBQUHAgEWM2h0dHA6 // SIG // Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvZG9jcy9w // SIG // cmltYXJ5Y3BzLmh0bTBABggrBgEFBQcCAjA0HjIgHQBM // SIG // AGUAZwBhAGwAXwBwAG8AbABpAGMAeQBfAHMAdABhAHQA // SIG // ZQBtAGUAbgB0AC4gHTANBgkqhkiG9w0BAQsFAAOCAgEA // SIG // Z/KGpZjgVHkaLtPYdGcimwuWEeFjkplCln3SeQyQwWVf // SIG // Liw++MNy0W2D/r4/6ArKO79HqaPzadtjvyI1pZddZYSQ // SIG // fYtGUFXYDJJ80hpLHPM8QotS0LD9a+M+By4pm+Y9G6XU // SIG // tR13lDni6WTJRD14eiPzE32mkHSDjfTLJgJGKsKKELuk // SIG // qQUMm+1o+mgulaAqPyprWEljHwlpblqYluSD9MCP80Yr // SIG // 3vw70L01724lruWvJ+3Q3fMOr5kol5hNDj0L8giJ1h/D // SIG // Mhji8MUtzluetEk5CsYKwsatruWy2dsViFFFWDgycSca // SIG // f7H0J/jeLDogaZiyWYlobm+nt3TDQAUGpgEqKD6CPxNN // SIG // ZgvAs0314Y9/HG8VfUWnduVAKmWjw11SYobDHWM2l4bf // SIG // 2vP48hahmifhzaWX0O5dY0HjWwechz4GdwbRBrF1HxS+ // SIG // YWG18NzGGwS+30HHDiju3mUv7Jf2oVyW2ADWoUa9WfOX // SIG // pQlLSBCZgB/QACnFsZulP0V3HjXG0qKin3p6IvpIlR+r // SIG // +0cjgPWe+L9rt0uX4ut1eBrs6jeZeRhL/9azI2h15q/6 // SIG // /IvrC4DqaTuv/DDtBEyO3991bWORPdGdVk5Pv4BXIqF4 // SIG // ETIheu9BCrE/+6jMpF3BoYibV3FWTkhFwELJm3ZbCoBI // SIG // a/15n8G9bW1qyVJzEw16UM0xghoKMIIaBgIBATCBlTB+ // SIG // MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3Rv // SIG // bjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWlj // SIG // cm9zb2Z0IENvcnBvcmF0aW9uMSgwJgYDVQQDEx9NaWNy // SIG // b3NvZnQgQ29kZSBTaWduaW5nIFBDQSAyMDExAhMzAAAE // SIG // BGx0Bv9XKydyAAAAAAQEMA0GCWCGSAFlAwQCAQUAoIGu // SIG // MBkGCSqGSIb3DQEJAzEMBgorBgEEAYI3AgEEMBwGCisG // SIG // AQQBgjcCAQsxDjAMBgorBgEEAYI3AgEVMC8GCSqGSIb3 // SIG // DQEJBDEiBCDZ4+93ZeViKuRZylI/itUETJ71FSdpRYmZ // SIG // ePhzSwnubDBCBgorBgEEAYI3AgEMMTQwMqAUgBIATQBp // SIG // AGMAcgBvAHMAbwBmAHShGoAYaHR0cDovL3d3dy5taWNy // SIG // b3NvZnQuY29tMA0GCSqGSIb3DQEBAQUABIIBAGXm/URB // SIG // Zc2Ih7Kvxp2cFwYR0nbkJQs+P4w8IBi50OQROHvFZA8V // SIG // fr0IUoSfgfOrrS6wzK0JaHhqXQD76eLOBOf2ltBrSvOv // SIG // 8LMstXUuASDZPJQ1AaiRLqNPS2fEPadEvfzyyYSQ14wX // SIG // oLA9B2LKsz6OJZySjdMV6nxONsq2N3pld2P5TKHWpnio // SIG // PzWlkWTuNilXdAA9jo8Ym0pAsx11qrgnSCcUUuMLPTSa // SIG // +gps9AhZtLunQDrML3UCtZRaLVqn0upvy7eGp9Ikm3RK // SIG // UnhAFRJmsGLetJMaH9w3M4wwC5PnH1L8WLtj+dNVMt34 // SIG // aJL+eT+mPp2SwABhruT4UxxGcryhgheUMIIXkAYKKwYB // SIG // BAGCNwMDATGCF4Awghd8BgkqhkiG9w0BBwKgghdtMIIX // SIG // aQIBAzEPMA0GCWCGSAFlAwQCAQUAMIIBUgYLKoZIhvcN // SIG // AQkQAQSgggFBBIIBPTCCATkCAQEGCisGAQQBhFkKAwEw // SIG // MTANBglghkgBZQMEAgEFAAQgcRwZTGuCLSSY9365gzhg // SIG // Qt4XoPCFfxj4cVIBEenZXWUCBmeuHCKiWRgTMjAyNTAy // SIG // MjAxNTI4MzYuNTczWjAEgAIB9KCB0aSBzjCByzELMAkG // SIG // A1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAO // SIG // BgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29m // SIG // dCBDb3Jwb3JhdGlvbjElMCMGA1UECxMcTWljcm9zb2Z0 // SIG // IEFtZXJpY2EgT3BlcmF0aW9uczEnMCUGA1UECxMeblNo // SIG // aWVsZCBUU1MgRVNOOjM3MDMtMDVFMC1EOTQ3MSUwIwYD // SIG // VQQDExxNaWNyb3NvZnQgVGltZS1TdGFtcCBTZXJ2aWNl // SIG // oIIR6jCCByAwggUIoAMCAQICEzMAAAHqmiRy1Vk/YWMA // SIG // AQAAAeowDQYJKoZIhvcNAQELBQAwfDELMAkGA1UEBhMC // SIG // VVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcT // SIG // B1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jw // SIG // b3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUt // SIG // U3RhbXAgUENBIDIwMTAwHhcNMjMxMjA2MTg0NTMwWhcN // SIG // MjUwMzA1MTg0NTMwWjCByzELMAkGA1UEBhMCVVMxEzAR // SIG // BgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1v // SIG // bmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlv // SIG // bjElMCMGA1UECxMcTWljcm9zb2Z0IEFtZXJpY2EgT3Bl // SIG // cmF0aW9uczEnMCUGA1UECxMeblNoaWVsZCBUU1MgRVNO // SIG // OjM3MDMtMDVFMC1EOTQ3MSUwIwYDVQQDExxNaWNyb3Nv // SIG // ZnQgVGltZS1TdGFtcCBTZXJ2aWNlMIICIjANBgkqhkiG // SIG // 9w0BAQEFAAOCAg8AMIICCgKCAgEAtQtf8Ug/IAfV+y7n // SIG // aKNq1m9pLKmheuULSZG0KZrHOhuG4OTDr+lj/7ieFzib // SIG // yl/3NbdHo+KFganRg+lW411+E9Cn8pU7pa8yrYMZ8WYe // SIG // 6tbg9A8v8ORtAyQz2+qMUK8+rzFdmd8vWcY32agZw36h // SIG // qJ/+FQx52YXWrNtrL0guRh8sLENifdDDOy+HnGPE5yyP // SIG // OZF101REm9PbcS9rRzGKwfihwstPHbN+mp+yHDhn0ZoR // SIG // 2xaD2uaJvWBqVSkvMXk+xAMFu1m1y/5aOafSkUSIwJbA // SIG // QRw9U3RgbnKxgt00F0k6fbOw45L7zRblGtASrM+lIgi8 // SIG // SRkEmYXdojiUxHydX8WJNp2OkgirFflZrVeWoj82P7Fq // SIG // BWOeNvs86wD6+Hpa76/bgenIvynIv/xDhEWRFEwT1zBP // SIG // 4mvrfI609st7oNeTEglboTrDa5rmRcGkQq0RA9Ms+Ffc // SIG // JTExhyCVueYjTNxz1SSdfbzkr6wj/ZbBHBMFmSENRQsj // SIG // zp5DNX7O/PNHWoQGuVJj6jJOVhCscwz1adPNV+UUOhxl // SIG // VM+mXYENI3E+fRBvgigz0Q+psfKL8yKUv6/8BBzyreZD // SIG // oWK48kB13PShyk1n16QFY9UsqreV+J6/jKXrm7/jfz40 // SIG // BD69ImCQ40sya6iC4QbOacrW+r8kfB1FTKfpgAOK14zs // SIG // ONr5B30CAwEAAaOCAUkwggFFMB0GA1UdDgQWBBQrgUUl // SIG // olHm6RdAVNTEyHKLBW5ZXjAfBgNVHSMEGDAWgBSfpxVd // SIG // AF5iXYP05dJlpxtTNRnpcjBfBgNVHR8EWDBWMFSgUqBQ // SIG // hk5odHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3Bz // SIG // L2NybC9NaWNyb3NvZnQlMjBUaW1lLVN0YW1wJTIwUENB // SIG // JTIwMjAxMCgxKS5jcmwwbAYIKwYBBQUHAQEEYDBeMFwG // SIG // CCsGAQUFBzAChlBodHRwOi8vd3d3Lm1pY3Jvc29mdC5j // SIG // b20vcGtpb3BzL2NlcnRzL01pY3Jvc29mdCUyMFRpbWUt // SIG // U3RhbXAlMjBQQ0ElMjAyMDEwKDEpLmNydDAMBgNVHRMB // SIG // Af8EAjAAMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMIMA4G // SIG // A1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAgEA // SIG // KIOtVl4/fv58VW19xt+yoL8qDQJ7rtsNx6FmY9x9GAnk // SIG // N2/SkmU4VU4VuIhXB6yp4RTAW1yV+LkCOd5Dlkmlgmld // SIG // 8Qs56Ubd3OP4Ep93bzv9Rj9zCZKSX4KOegoEvcyzoj99 // SIG // ZH5qVHT6npGW+IrzEei6D2+RzZatFmwacxW7bE4za08n // SIG // 6qnKgMHOq/fQ39lEE6g2tL88KQPAsYgINipWz8jMATj3 // SIG // K/YSU/LBqV/2YSw4ddXWXG1AM1x6NUSaK0kn7VWvYS1p // SIG // 88RsxBmnz1MC5qBE4oThi6iEJQqb6/eB4mpNBqtMGOpX // SIG // blEI5P5cWeBMwMP3BjHpPCd0HYjUvLvbo2IdQezS6+rd // SIG // yIJX0nA1d23VVnrdYrU1KClUSyIr0Q8AE+3UR9dwqt9o // SIG // 9iRuQWLv14rURPHHc2iZg1Qc2IZT5fUF7wvuqkfCOjSD // SIG // f/fdeG06v0uIOhReH9XYsVMROKpX1DzIsRq9BbeP0tD+ // SIG // H8JobPlh0Z+tjweI98wh4sSiQrEZ/SEdxMQUCkHTIuWr // SIG // oqgesUAQA1H/he4UimX2wPLBUha3i0qob4/qlEBfODXM // SIG // bmsaWyVlabDtfCC+EG7eOQs/0DGuxJjBjZ+2vDDN7k0D // SIG // pUMtLunP46tddYtSajI2sk3HkGTTATDORDHOQ6+Zt0+G // SIG // w4/VkzS4D/EhXtxKk2llTDkwggdxMIIFWaADAgECAhMz // SIG // AAAAFcXna54Cm0mZAAAAAAAVMA0GCSqGSIb3DQEBCwUA // SIG // MIGIMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGlu // SIG // Z3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMV // SIG // TWljcm9zb2Z0IENvcnBvcmF0aW9uMTIwMAYDVQQDEylN // SIG // aWNyb3NvZnQgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3Jp // SIG // dHkgMjAxMDAeFw0yMTA5MzAxODIyMjVaFw0zMDA5MzAx // SIG // ODMyMjVaMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpX // SIG // YXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYD // SIG // VQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNV // SIG // BAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEw // SIG // MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA // SIG // 5OGmTOe0ciELeaLL1yR5vQ7VgtP97pwHB9KpbE51yMo1 // SIG // V/YBf2xK4OK9uT4XYDP/XE/HZveVU3Fa4n5KWv64NmeF // SIG // RiMMtY0Tz3cywBAY6GB9alKDRLemjkZrBxTzxXb1hlDc // SIG // wUTIcVxRMTegCjhuje3XD9gmU3w5YQJ6xKr9cmmvHaus // SIG // 9ja+NSZk2pg7uhp7M62AW36MEBydUv626GIl3GoPz130 // SIG // /o5Tz9bshVZN7928jaTjkY+yOSxRnOlwaQ3KNi1wjjHI // SIG // NSi947SHJMPgyY9+tVSP3PoFVZhtaDuaRr3tpK56KTes // SIG // y+uDRedGbsoy1cCGMFxPLOJiss254o2I5JasAUq7vnGp // SIG // F1tnYN74kpEeHT39IM9zfUGaRnXNxF803RKJ1v2lIH1+ // SIG // /NmeRd+2ci/bfV+AutuqfjbsNkz2K26oElHovwUDo9Fz // SIG // pk03dJQcNIIP8BDyt0cY7afomXw/TNuvXsLz1dhzPUNO // SIG // wTM5TI4CvEJoLhDqhFFG4tG9ahhaYQFzymeiXtcodgLi // SIG // Mxhy16cg8ML6EgrXY28MyTZki1ugpoMhXV8wdJGUlNi5 // SIG // UPkLiWHzNgY1GIRH29wb0f2y1BzFa/ZcUlFdEtsluq9Q // SIG // BXpsxREdcu+N+VLEhReTwDwV2xo3xwgVGD94q0W29R6H // SIG // XtqPnhZyacaue7e3PmriLq0CAwEAAaOCAd0wggHZMBIG // SIG // CSsGAQQBgjcVAQQFAgMBAAEwIwYJKwYBBAGCNxUCBBYE // SIG // FCqnUv5kxJq+gpE8RjUpzxD/LwTuMB0GA1UdDgQWBBSf // SIG // pxVdAF5iXYP05dJlpxtTNRnpcjBcBgNVHSAEVTBTMFEG // SIG // DCsGAQQBgjdMg30BATBBMD8GCCsGAQUFBwIBFjNodHRw // SIG // Oi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL0RvY3Mv // SIG // UmVwb3NpdG9yeS5odG0wEwYDVR0lBAwwCgYIKwYBBQUH // SIG // AwgwGQYJKwYBBAGCNxQCBAweCgBTAHUAYgBDAEEwCwYD // SIG // VR0PBAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0j // SIG // BBgwFoAU1fZWy4/oolxiaNE9lJBb186aGMQwVgYDVR0f // SIG // BE8wTTBLoEmgR4ZFaHR0cDovL2NybC5taWNyb3NvZnQu // SIG // Y29tL3BraS9jcmwvcHJvZHVjdHMvTWljUm9vQ2VyQXV0 // SIG // XzIwMTAtMDYtMjMuY3JsMFoGCCsGAQUFBwEBBE4wTDBK // SIG // BggrBgEFBQcwAoY+aHR0cDovL3d3dy5taWNyb3NvZnQu // SIG // Y29tL3BraS9jZXJ0cy9NaWNSb29DZXJBdXRfMjAxMC0w // SIG // Ni0yMy5jcnQwDQYJKoZIhvcNAQELBQADggIBAJ1Vffwq // SIG // reEsH2cBMSRb4Z5yS/ypb+pcFLY+TkdkeLEGk5c9MTO1 // SIG // OdfCcTY/2mRsfNB1OW27DzHkwo/7bNGhlBgi7ulmZzpT // SIG // Td2YurYeeNg2LpypglYAA7AFvonoaeC6Ce5732pvvinL // SIG // btg/SHUB2RjebYIM9W0jVOR4U3UkV7ndn/OOPcbzaN9l // SIG // 9qRWqveVtihVJ9AkvUCgvxm2EhIRXT0n4ECWOKz3+SmJ // SIG // w7wXsFSFQrP8DJ6LGYnn8AtqgcKBGUIZUnWKNsIdw2Fz // SIG // Lixre24/LAl4FOmRsqlb30mjdAy87JGA0j3mSj5mO0+7 // SIG // hvoyGtmW9I/2kQH2zsZ0/fZMcm8Qq3UwxTSwethQ/gpY // SIG // 3UA8x1RtnWN0SCyxTkctwRQEcb9k+SS+c23Kjgm9swFX // SIG // SVRk2XPXfx5bRAGOWhmRaw2fpCjcZxkoJLo4S5pu+yFU // SIG // a2pFEUep8beuyOiJXk+d0tBMdrVXVAmxaQFEfnyhYWxz // SIG // /gq77EFmPWn9y8FBSX5+k77L+DvktxW/tM4+pTFRhLy/ // SIG // AsGConsXHRWJjXD+57XQKBqJC4822rpM+Zv/Cuk0+CQ1 // SIG // ZyvgDbjmjJnW4SLq8CdCPSWU5nR0W2rRnj7tfqAxM328 // SIG // y+l7vzhwRNGQ8cirOoo6CGJ/2XBjU02N7oJtpQUQwXEG // SIG // ahC0HVUzWLOhcGbyoYIDTTCCAjUCAQEwgfmhgdGkgc4w // SIG // gcsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5n // SIG // dG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVN // SIG // aWNyb3NvZnQgQ29ycG9yYXRpb24xJTAjBgNVBAsTHE1p // SIG // Y3Jvc29mdCBBbWVyaWNhIE9wZXJhdGlvbnMxJzAlBgNV // SIG // BAsTHm5TaGllbGQgVFNTIEVTTjozNzAzLTA1RTAtRDk0 // SIG // NzElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAg // SIG // U2VydmljZaIjCgEBMAcGBSsOAwIaAxUAidse3EH46UbJ // SIG // CfFBiHLTgpJhJI+ggYMwgYCkfjB8MQswCQYDVQQGEwJV // SIG // UzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMH // SIG // UmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBv // SIG // cmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1T // SIG // dGFtcCBQQ0EgMjAxMDANBgkqhkiG9w0BAQsFAAIFAOth // SIG // K9cwIhgPMjAyNTAyMjAwNDE5MzVaGA8yMDI1MDIyMTA0 // SIG // MTkzNVowdDA6BgorBgEEAYRZCgQBMSwwKjAKAgUA62Er // SIG // 1wIBADAHAgEAAgIe1zAHAgEAAgIUJDAKAgUA62J9VwIB // SIG // ADA2BgorBgEEAYRZCgQCMSgwJjAMBgorBgEEAYRZCgMC // SIG // oAowCAIBAAIDB6EgoQowCAIBAAIDAYagMA0GCSqGSIb3 // SIG // DQEBCwUAA4IBAQBwHC5Wp7wT3GmvVZTrBLC3U5Zooxnk // SIG // 3zQ5Vz5Q4SQgejguxV9KLVSKlz2YShpbjFbBgOx5Llhe // SIG // AYxp48wV5yJtN38z5nA+VxxmVwWhgUxagAWw+yoaEkeR // SIG // d6OnxSlxYNhYKfbkAifB2LZpXrr5kYByjfBnkHNIv4VB // SIG // JcwIg+oXNMIwi/HX4k0otB39l/ruYv7/4KeatcfgdiNc // SIG // Bi8ycdf8RYgBJ7Keiy85HqBjfVF5QD/w28knib9sr3T0 // SIG // qhZyqVdqamwO4wfO388PBKHuaRSFE5vyoNH59RJHqP5C // SIG // NLk9hcxhsNd+VzL9fVJnMympMqFQOM/xoh/rlrkPhK9o // SIG // UdfCMYIEDTCCBAkCAQEwgZMwfDELMAkGA1UEBhMCVVMx // SIG // EzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1Jl // SIG // ZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3Jh // SIG // dGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3Rh // SIG // bXAgUENBIDIwMTACEzMAAAHqmiRy1Vk/YWMAAQAAAeow // SIG // DQYJYIZIAWUDBAIBBQCgggFKMBoGCSqGSIb3DQEJAzEN // SIG // BgsqhkiG9w0BCRABBDAvBgkqhkiG9w0BCQQxIgQgcDFe // SIG // PrrOT2HRbtmSGkBKGQjrNpi0SHfWjbDh8SGSoXAwgfoG // SIG // CyqGSIb3DQEJEAIvMYHqMIHnMIHkMIG9BCApj6HV42Q0 // SIG // eIsINJbSwDVwYeRtbiqiiL6vLIynpLhmeDCBmDCBgKR+ // SIG // MHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5n // SIG // dG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVN // SIG // aWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1p // SIG // Y3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwAhMzAAAB // SIG // 6pokctVZP2FjAAEAAAHqMCIEIGyjaIeIa7Ei9ibtJl0b // SIG // vz0NvJpIKDh1OAlHHM2qxjN9MA0GCSqGSIb3DQEBCwUA // SIG // BIICACPCUPNsUD+f7DH+yo5N7KYzJHteYq6nXNRu4HuA // SIG // zjDMGR1g8wZ+m6jQh2gLoE5idWgF8ZrvXnSKiYbSiK12 // SIG // eFN/AAZtbZv9nm1SS19AEpXmuBnDkX5jUCEp9pkaeF4x // SIG // 3PXqGdm+vIeX4kq/SpAcLhLbkzDmW0MjplEpT8pN8TrT // SIG // wRr/ySbTMKQVlDcFW3CG5bdkqBtsfO6PaR6mztBhc6Kj // SIG // PET/0fixEfc7SNPcQ6WHIn6C1YNts+BLN8HF9Nsj/IRQ // SIG // IU4LRvK3ZX7fgGkyGZ4jRgT3EsUJ5AIRgg/rQX/tQqgq // SIG // lQWvkaJkImsjWsY0x8SnPsA46fJ39+qm87LxVDKrBR9C // SIG // PlmhoqiN80iF/LtBlvvwUtt8VgZrn2+umE7lOwsLx95D // SIG // jIMq05ux+D3N4vwlmAJLypc+o2vunWaU+J/EPkjcbAOF // SIG // Zv1oMZKkCdKGWnEXnY/ZEA7H9TJymb+fB5x8TIvmDjRA // SIG // Uk9vWH1qWGfJw7838wGMWoTkreCDUfPHjG652KNNX5Xi // SIG // K4K3oJs25jKi5ndk7qa6q2GOJRLz5yJ7KVOzaQmyKMfr // SIG // pZGGEwsDgD8Wcsh9F15vTFdELAixiV/1HqHtYUbpB9Nr // SIG // 5+2ZKzPfD9olhZz2zSnbemxWW+x5FVKxxZN4PiKOfCgD // SIG // 5X77pYncal0YAX5zNzlNP8+2XntS // SIG // End signature block